MozillaZine

Mozilla Firefox 3.0.1 Released

Saturday July 19th, 2008

The first minor update to Mozilla Firefox 3 has been released. Firefox 3.0.1 fixes three critical security vulnerabilities, improves stability and resolves a handful of other small bugs.

The security fixes are detailed in the Firefox 3.0.1 section of the Security Advisories for Firefox 3.0 page. Two of the issues — one related to how Firefox handles command-line URLs to open multiple tabs and another allowing remote code execution by overflowing a CSS reference counter — were also present in Firefox 2 and fixed in Tuesday's Firefox 2.0.0.16 release. Security improvements in Firefox 3 mean that it's not vulnerable to some of the Firefox 2 variants of the command-line multiple tab exploit but it can still be compromised by combining the attack with a script injection flaw.

The final flaw only affects Mac OS X and allows an attacker to crash Firefox with a malformed GIF file, potentially gaining the ability to execute arbitrary code on the victim's computer. This vulnerability is not present in Firefox 2.

The non-security fixes include an issue where the phishing and malware database did not update on first launch and a problem that could cause Firefox to not save the security certificate exceptions list properly. A bug that could result in missing output when printing a selection from a page (bug 433373) was resolved and a Linux issue causing Firefox to always start in offline mode when using a PPP connection (bug 424626) was also fixed. The Public Suffix list has also been updated (bug 438585).

The Firefox 3.0.1 Release Notes have more details about the fixes in this minor upgrade. The new version can be downloaded from the Firefox product page or the Firefox 3.0.1 directory on releases.mozilla.org but most Firefox 3 users are expected to get it via the software update feature built in to the browser or their own operating system's update facility.


#7 PLEASE HELP

by robertrun <robertrun@fastmail.us>

Friday August 29th, 2008 6:42 AM

You are replying to this message

The new version of firefox crashes every time I open it. I have work I need to do and I can't get anything done. Someone please be kind enough to send me an email to tell me how to revert to my previous version. <robertrun@fastmail.us>

The crash reports don't even work. There is some kind of problem that does not alow them to get sent.

I don't think this new version should have been released, it is not ready.

Please, excuse my ignorance and let me know howe to revert to my older version. <robertrun@fastmail.us>